Introduction

Microsoft's Internet Information Services (IIS) is one of the most popular Web servers in use on the Internet and in intranets throughout the world. Windows Server 2003 includes the latest version, IIS 6.0. There have been changes, additions and improvements to the software in the areas of core functionality and services, administration, security, and performance. IIS 6.0 has been redesigned to provide better reliability and more flexibility in configuring application environments.

A Web server is a common point of vulnerability to hackers. In the past, it has been common for servers to be running "rogue" Web services without the knowledge of administrators. Thus, for security reasons, IIS 6.0 is not installed by default on Windows Server 2003 servers (with the exception of the Web Server Edition), and when you do install it, it is initially configured in a high security ("locked") mode. Because Web servers are common targets of attack due to their exposure to those outside the local network, security is a priority in this new version. Consequently, a number of important Web services features which worked automatically in previous versions now have to be explicitly enabled before they will work. This new focus on security means administrators need to familiarize themselves with these changes to provide the Web server services needed on their networks.

In this chapter, we take you through the installation and configuration process for IIS 6.0 and introduce you to its new features, including security features, reliability features, and other new features.